Privacy Policy
1. Who we are
AxiomHex is a corporate actions data intelligence platform for institutional custodians and securities services teams. We operate this website at axiomhex.com.
For the purposes of the EU General Data Protection Regulation (GDPR) and UK GDPR, the data controller is:
2. What personal data we collect
We collect personal data only through the following limited channels:
| Source | Data collected | Purpose |
|---|---|---|
| Contact form | Name, professional email address, institution name, role, institution size, message content | Responding to enquiries about AxiomHex |
| Email correspondence | Email address, name, message content, metadata | Responding to direct email enquiries |
| Server / CDN logs | IP address, browser type, pages visited, timestamps | Security, uptime monitoring, fraud prevention |
We do not use analytics trackers, advertising pixels, or third-party tracking cookies. We do not operate user accounts or collect any financial data via this website.
3. Legal basis for processing
We process personal data on the following legal bases under GDPR Article 6:
- Legitimate interests (Article 6(1)(f)): Responding to professional enquiries submitted via our contact form or by email. We have assessed that our legitimate interest in processing these enquiries does not override the rights of the individuals concerned.
- Legal obligation (Article 6(1)(c)): Server log data may be retained to comply with applicable security or regulatory obligations.
4. How we use your data
Data collected via the contact form is used solely to:
- Respond to your enquiry
- Follow up on discussions you have initiated with us
- Maintain a record of professional communications for our legitimate business purposes
We do not use contact form data for unsolicited marketing, profiling, or automated decision-making. We do not sell, rent, or share personal data with third parties for their own commercial purposes.
5. Third-party processors
We use the following sub-processors to operate this website. Each processes personal data on our behalf under data processing agreements:
| Processor | Role | Location | Transfer basis |
|---|---|---|---|
| Formspree | Contact form submission handling | United States | Standard Contractual Clauses (SCCs) |
| Cloudflare | Website hosting, CDN, DDoS protection | United States / Global | Standard Contractual Clauses (SCCs) |
| Google Workspace | Email communication | United States | Standard Contractual Clauses (SCCs) |
Transfers to the United States are made under the EU Standard Contractual Clauses adopted pursuant to Commission Decision 2021/914/EU. These provide appropriate safeguards for the transfer of personal data to third countries under GDPR Article 46.
6. How long we keep your data
| Data type | Retention period |
|---|---|
| Contact form submissions | 2 years from date of submission, or until you request deletion |
| Email correspondence | 3 years from last communication, or until you request deletion |
| Server / CDN logs | Up to 30 days, as managed by Cloudflare |
7. Cookies
AxiomHex does not set cookies on your device. Our website is a static HTML page with no analytics, no advertising, and no session tracking.
Cloudflare, as our CDN and hosting provider, may set technical cookies necessary for DDoS protection and performance optimisation. These are strictly functional and do not track you across websites. For more information, see Cloudflare's Privacy Policy.
8. Your rights
Under GDPR and UK GDPR, you have the following rights with respect to your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure — request deletion of your personal data where there is no legitimate reason for us to retain it
- Right to restriction — request that we restrict processing of your data in certain circumstances
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests
- Right not to be subject to automated decisions — we do not use automated decision-making or profiling
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
9. Supervisory authority
If you are located in the EU and believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. AxiomHex operates in Germany and the Netherlands — the relevant authorities are:
Germany — Berliner Beauftragte für Datenschutz und Informationsfreiheit (BlnBDI)
Netherlands — Autoriteit Persoonsgegevens (AP)
autoriteitpersoonsgegevens.nl
If you are located in the United Kingdom, you may also contact the Information Commissioner's Office (ICO).
10. Changes to this policy
We may update this privacy policy from time to time to reflect changes in our practices or applicable law. Material changes will be noted at the top of this page with an updated effective date. We encourage you to review this page periodically.
11. Contact
For any questions about this privacy policy or how we handle your personal data:
AxiomHex · Berlin, Germany & Amsterdam, Netherlands